DHS's Ambitious Cloud Initiatives

The Department of Homeland Security is pursuing nine private and three public cloud computing initiatives. DHS is establishing private cloud services to manage sensitive but unclassified information while using the public cloud for non-sensitive information.

Richard Spires, in testimony last week before the House Homeland Security Committee, said the benefits of cloud computing will enhance mission performance and save money, and they far outweigh the challenges, including IT security.

"Already, at DHS, we are seeing reduced time to market for new capabilities, and soon, we will begin to reduce our capital expenditures while gaining transparency into our operational expenditures in ways we have never been able to before," he said.

Among DHS's private cloud initiatives, according to Spires:

E-mail as a Service: DHS is rolling out messaging capability across headquarters and the Federal Emergency Management Agency, expecting to to have more than 100,000 users DHS-wide on this service offering by the end of fiscal year 2012 next September.

SharePoint as a Service: DHS is migrating headquarters and United States Citizenship and Immigration Services users to its secure collaboration program. The department expects to have nearly 90,000 users DHS-wide on this service by the end of this year, significantly improving information sharing capabilities across the department.

Development and Test as a Service: Moving new releases to production or changes to the multiple, existing environments presents high risk and multiple challenges with new releases or not always working in production, leading to significant inefficiencies. Moving and hosting development and test services to enterprise data centers provides not only a simple path to transition from project creation to implementation, but also accelerated delivery. "We expect to provision new servers within one business day with this new capability, while the legacy model averaged up to six months to provision one server," Spires said. DHS plans to roll out Development and Test as a Service over the next two months.

Infrastructure as a Service: Complementary to the Development and Test as a Service initiative, DHS's Infrastructure as a Service offering provides virtualized production services, including operating systems, network and storage that's consistent with new industry standards. These services will provide a logical destination for code developed in the development and test environment. DHS aims to stand up new services in the cloud in less than one week, while the legacy model typically averaged up to 12 to 18 months. The department expects to have initial Infrastructure as a Service capabilities by year's end.

WorkPlace as a Service: Enabling mobile workforce is a priority within the department, and the CIO is working closely with the other line-of-business chiefs to modernize how DHS employees work. This offering will provide robust virtual desktop, remote access and other mobile services over the next 24 months. This capability enables telework and continuity of operations, not only in the Washington, D.C.-area, but for DHS personnel nationwide. Spires said he expect this service to reduce DHS's out-year expenditures on traditional desktop and laptops as it consumes more mobile enabling technologies.

Project Server as a Service: This offering will provide a robust project management platform to publish project schedules that can more easily be shared across offices, divisions and components. DHS sees this service to better enable standardization of project management disciplines and directly support its efforts to improve the management of IT and non-IT programs. DHS plans to make the service available within one month.

Authentication as a Service: DHS has established a core fundamental offering that provides robust authentication services across 250,000 federal and contractor employees. This service eliminates the need for duplicative authentication services, while significantly enhancing the department's information sharing needs. Nearly 70 DHS applications use this service.

Case and Relationship Management as a Service: Over the next six months, DHS will rollout this service that leverages enterprise license agreements to better enable customer-relationship management and case workflows across DHS. Utilizing these services, the department will pilot a litigation case management initiative for its Immigration and Custom Enforcement unit, partnering with the Transportation Security Agency on modernizing the redress service, improving customer relationship capabilities within the Citizenship and Immigration Services and deploying a regulations tracking service.

Business Intelligence as a Service: In March, the department began piloting an early version of a Business Intelligence capability, which runs through next September. DHS will leverage this offering to enhance transparency into departmental programming and expenditures. By the end of fiscal year 2012, DHS expects the it will have visibility to information sources across the investment lifecycle, including IT, financial, human resources, asset management and other information sources. If the pilot is successful, department expects to move to a full Business Intelligence as a Service offering in fiscal year 2013.

Among DHS's public cloud initiatives, Spires said:

Identity Proofing as a Service: DHS successfully deployed an innovative identity proofing service in the cloud in March, meeting Citizenship and Immigration Services' EVerify self-check requirement to allow individuals in the United States to verify their employment eligibility status before formally seeking employment. Developed with the Social Security Administrations, this voluntary, fee and secure service is available in more than 20 states, including the District of Columbia.

Enterprise Content Delivery as a Service: For the past several years, DHS has used cloud service for enterprise content delivery to ensure its public-facing websites are constantly available. DHS adopted Enterprise Content Delivery as a Service for protection against denial of service attacks, to help manage surge requirements and to significantly reduce hosting costs. This service proved invaluable during the July 4, 2009, denial of service attack on multiple federal websites. DHS.gov experienced a nearly 100-fold increase in traffic, and no services were lost to the public. The department has 70 percent of its externally-facing websites using this service.

Web Content Management as a Service: Building off our success with its public cloud implementation of RestoretheGulf.gov, DHS awarded a hosting contract off the General Services Administration's Infrastructure as a Service Blanket Purchase Agreement (BPA). Within this offering, the department plans to leverage open source software hosted in the public cloud and consolidate all public facing DHS websites. DHS projects it will complete this consolidation over the next two years. During the next six months, the department will pilot multiple websites in the cloud, including websites from Immigration and Customs Enforcement, Citizenship and Immigration Services and the Federal Emergency Management Agency.

"We should not think of the cloud as simply a technology opportunity," Spires told Congress. "It is a far more interesting discourse and a significant change to the fundamental business model for how IT is delivered in the federal government."

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.